CVE-2006-1186

2006-04-1123:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1186

microsoft

internet explorer

remote code execution

activex controls

memory corruption

nvd

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.946 High

EPSS

Percentile

99.2%

JSON

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

CPENameOperatorVersion
microsoft:iemicrosoft ieeq5.0.1
microsoft:internet_explorermicrosoft internet explorereq5.01
microsoft:iemicrosoft ieeq6
microsoft:iemicrosoft ieeq5.01
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq5.0.1
microsoft:internet_explorermicrosoft internet explorereq5.1

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	5.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	5.01
microsoft:ie	microsoft ie	eq	6
microsoft:ie	microsoft ie	eq	5.01
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	5.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	5.1